package com.duan.laugh.auth.config;

import com.duan.laugh.common.core.exception.CheckedException;
import com.duan.laugh.common.security.util.LaughUser;
import com.duan.laugh.common.security.util.UserUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.switchuser.SwitchUserFilter;

import javax.servlet.http.HttpServletRequest;

public class SwitchFilter extends SwitchUserFilter {
    private String usernameParameter = "username";

    @Override
    protected Authentication attemptSwitchUser(HttpServletRequest request) throws AuthenticationException {
        String username = request.getParameter(this.usernameParameter);
        final LaughUser user = UserUtils.getUser();
        if (user.getUsername().equals(username)) {
            return super.attemptSwitchUser(request);
        } else {
            throw new CheckedException("只能切换登录用户的系统");
        }
    }
}
